Filtrer par type de contenu
Sélectionnez un ou plusieurs filtres. Ce choix permettra de recharger la page pour afficher les résultats filtrés.
634 résultats
-
-
Séminaire
-
SoSysec
A Compositional and Complete approach to Verifying Privacy Properties using the Applied Pi-calculus
Orateur : Ross Horne (University of Luxembourg)
The pi-calculus was introduced for verifying cryptographic protocols by Abadi and Fournet in 2001. They proposed an equivalence technique, called bisimilarity, useful for verify privacy properties. It is widely acknowledged (cf. Paige and Tarjan 1987), that bisimilarity is more efficient to check than trace equivalence; however, surprisingly, tools based on the applied pi-calculus typically still[…] -
-
-
Séminaire
-
SoSysec
How to decrypt without keys with GlobalPlatform SCP02 protocol
Orateur : par Loic Ferreira (Orange Labs, IRISA)
The GlobalPlatform SCP02 protocol is a security protocol implemented in smart cards, and used by transport companies, in the banking world and by mobile network operators (UICC/SIM cards). We describe how to perform a padding oracle attack against SCP02. The attack allows an adversary to efficiently retrieve plaintext bytes from an encrypted data field. We provide results of our experiments done[…] -
-
-
Séminaire
-
SoSysec
Breaking and fixing HB+DB: A Short Tale of Provable vs Experimental Security and Lightweight Designs
Orateur : Ioana Boureanu (University of Surrey)
HB+ is a well-know authentication scheme purposely designed to be lightweight. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. To this end, at WiSec2015, the HB+DB protocol added a distance-bounding dimension to HB+, which was experimentally shown to counteract the GRS attack.In this talk, we will exhibit however a number of security flaws in the HB+DB[…] -
-
-
Séminaire
-
SoSysec
Voting : You Can’t Have Privacy without Individual Verifiability
Orateur : Joseph Lallemand (Loria)
Electronic voting typically aims at two main security goals: vote privacy and verifiability. These two goals are often seen as antagonistic and some national agencies even impose a hierarchy between them: first privacy, and then verifiability as an additional feature. Verifiability typically includes individual verifiability (a voter can check that her ballot is counted); universal verifiability […] -
-
-
Séminaire
-
SoSysec
Binary Edwards Curves for intrinsically secure ECC implementations for the IoT
Orateur : Antoine Loiseau (CEA)
Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era, at present, there is a urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this talk, we present a new set of Binary Edwards Curves which have been defined to achieve the highest security levels (up[…] -
-
-
Séminaire
-
SoSysec
When Good Components Go Bad: Formally Secure CompilationDespite Dynamic Compromise
Orateur : Catalin Hritcu (Inria Paris)
We propose a new formal criterion for secure compilation, providing strong end-to-end security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion is the first to model dynamic compromise in a system of mutually distrustful components running with least privilege. Each component is protected from all the others until it becomes[…] -